AMENDMENT UNDER 37 C.F.R. § 1.111 
U.S. APPLICATION NO. 09/891,545 
ATTORNEY DOCKET NO. Q64735 

AMENDMENTS TO THE CLAIMS 

This listing of claims will replace all prior versions and listings of claims in the application: 
LISTING OF CLAIMS: 

1 . (Currently Amended) A method for enabling a user registered in an Network Access 
Server as already connected to a host Virtual Private Network to communicate with at least one 
communication device outside of said host Virtual Private Network, said Network Access Server 
having access over a data communication network to said communication device and to a 
plurality of Virtual Private Networks including said host Virtual Private Network, wherein said 
method comprises! 

detecting a message being sent from sending messages belonging to a communication 
betwe e n said user toand-said communication device while said user is currently connected to 
said host Virtual Private Network; and 

directing said message to ever-a logical channel between said Network Access Server and 
said communication device, wherein said logical channel has, as a logical chann el identifier, 
referring to an identifier of said host Virtual Private Network to which said user is currently 
connected. 
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2. (Currently Amended) The method according to claim 1, wherein said method further 
comprises: 

detecting at said Network Access Server^ the a-message being sent from said user 
destined to said communication device; and 

forwarding said message from said Network Access Server to said communication device 
over said t he-logical channel identified by referring to the identifier of said host Virtual Private 
Network. 

3. (Currently Amended) The method according to claim 1, wherein said method further 
comprises: 

detecting a message from said communication device being received at said Network 
Access Server on the logical channel having, as a logical channel identifier, referring to the 
identifier of said host Virtual Private Network, said message containing a user destination 
address; 

determining a user registered in said Network Access Server as already connected to said 
host Virtual Private Network and corresponding to said destination address; and 
forwarding said message from said Network Access Server to said user. 
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4. (Previously Presented) The method according to claim 1, wherein said messages 
belonging to the communication between said user and said communication device are 
encapsulated in data packets, said data packets comprising a field containing said identifier of 
said host Virtual Private Network or an indication derived from said identifier. 

5. (Currently Amended) The method according to claim 4, wherein said messages 
belonging to the communication between said user and said communication device are sent over 
a tunne l wherein said tunnel has, as a tunnel identifier, having said identifier of said host Virtual 
Private Networ k as tunnel identifier . 

6. (Previously Presented) The method according to claim 1, wherein said messages 
contain IP packets comprising an IP address of said user. 

7. (Previously Presented) The method according to claim 1, wherein said communication 
device is a server belonging to a local Virtual Private Network associated to said Network 
Access Server and different from said host Virtual Private Network. 
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8. (Currently Amended) A Network Access Server for enabling a communication 
between a user and a communication device, said user being registered in said Network Access 
Server as already connected to a host Virtual Private Network, said communication device being 
outside of said host Virtual Private Network, said Network Access Server being able to access to 
a database associating an identifier of said user to an identifier of said host Virtual Private 
Network, said Network Access Server comprising; 

means for detecting a message being sent from said user to said communication device 
while said user is currently connected to said host Virtual Private Network; and 

means for sending said message messages originating from said user and destined to said 
communication device on a logical channel between said Network Access Server and said 
communication device, wherein said logical channel has, as a logical channel identifier, ref e rring 
te-said identifier of said host Virtual Private Network to which said user is currently connected. 
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9. (Currently Amended) A Network Access Server for identifying a user, from a plurality 
of users, to which a message sent by a communication device and received at said Network 
Access Server, said user being already connected over said Network Access Server to a Virtual 
Private Network not included in said communication device, said Network Access Server being 
able to access to a database associating an identifier of said user to an identifier of said Virtual 
Private Network to which said user is already connected, said Network Access Server 
comprising: 

a logical channel controller for determining a logical channel identifier of one logical 
channel on which said message is received at said Network Access server, wherein said logical 
channel has, as a logical channel identifier, said identifier of said host Virtual Pr ivate Network to 
which said user is currently connected ; and 

means for identifying the user to which said message is destined, according to said 
logical channel identifier and said user identifier in said database. 
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10. (Currently Amended) A Network Access Server for enabling a communication 
between a user and a communication device, said user being registered in said Network Access 
Server as already connected to a host Virtual Private Network, said communication device being 
outside of said host Virtual Private Network, said Network Access Server being able to access to 
a database associating an identifier of said user to an identifier of said host Virtual Private 
Network, said Network Access Server comprising a forwarding engine for detecting messages 
being sent from said user to said communication device while said user is currently connected to 
said host Virtual Private Network and for sending said messages originating from said user and 
destined to said communication device on a logical channel between said Network Access Server 
and said communication device, wherein said logical channel has, as a logical channel identifier, 
referring to said identifier of said host Virtual Private Network to which said user is currently 
connected. 

11. (Previously Presented) The Network Access Server according to claim 10, further 
comprising a logical channel controller that directs the message on the logical channel between 
said Network Access Server and said communication device. 
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12. (Currently Amended) A Network Access Server for identifying a user, from a 
plurality of users, to which a message sent by a communication device and received at said 
Network Access Server, said user being already connected over said Network Access Server to a 
Virtual Private Network not included in said communication device, said Network Access Server 
being able to access to a database associating an identifier of said user to an identifier of said 
Virtual Private Network to which said user is already connected, said Network Access Server 
comprising: 

a logical channel controller for determining a logical channel identifier of one logical 
channel on which said message is received at said Network Access serve r, wherein said logical 
channel has, as a logical channel identifier, said identifier of said host Virtual Private Network to 
which said user is currently connected ; and 

a database searcher for identifying the user to which said message is destined, according 
to said logical channel identifier and said user identifier in said database. 

13. (Previously Presented) The Network Access Server according to claim 12, further 
comprising a forwarding engine that forwards said message from said logical controller to said 
user after said user has been identified. 
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